The US government is investigating TP-Link, a Chinese company that supplies about 65% of routers for American homes and small businesses, amid concerns about national security risks. Reports suggest these routers have vulnerabilities that cybercriminals exploit to compromise sensitive enterprise data.Investigations by the Commerce, Defense, and Justice Departments indicate that the routers may have been exploited in cyberattacks, raising alarms for individual users and enterprises relying on secure networks to support hybrid workforces.If confirmed, these risks could lead to a ban on TP-Link products in the US as early as next year, reflecting escalating tensions between the US and China over cybersecurity vulnerabilities in technology infrastructure, according to The Wall Street Journal.As consumer-grade routers become critical to hybrid work models, they are increasingly seen as weak links in cybersecurity. Experts warn that hacked devices can serve as entry points for corporate espionage, DDoS attacks on enterprise systems, and the interception of sensitive information over VPNs.This highlights the growing concern that flaws in home and small business routers could have far-reaching implications for enterprise security. This development follows a series of cybersecurity alerts and reports that have linked TP-Link routers to malicious activities. Last year, the US Cybersecurity and Infrastructure Security Agency (CISA) identified a vulnerability in TP-Link routers that allowed attackers to execute remote code.Again on August 13, John Moolenaar, Chair of the US House Select Committee on the Chinese Communist Party, and Raja Krishnamoorthi, the committee’s Ranking Member, addressed a letter to Commerce Secretary Gina Raimondo urging an investigation into TP-Link. The lawmakers claimed that “open-source information” suggests TP-Link’s products may pose a security risk.”TP-Link’s unusual degree of vulnerabilities and required compliance with PRC law are in and of themselves disconcerting. When combined with the PRC government’s common use of SOHO routers like TP-Link to perpetrate extensive cyberattacks in the US, it becomes significantly alarming,” the letter read.In October, Microsoft published an analysis that highlighted that compromised TP-Link devices were integral to the activities of “CovertNetwork-1658,” a China-linked hacking operation. These routers reportedly provided a network of egress IPs that masked subsequent attacks on American critical infrastructure, part of a broader campaign dubbed Volt Typhoon.”CovertNetwork-1658 specifically refers to a collection of egress IPs that may be used by one or more Chinese threat actors and is wholly comprised of compromised devices. Microsoft assesses that a threat actor located in China established and maintains this network,” Microsoft said in its report.
Investigations intensify
The Biden administration initiated multiple probes into TP-Link following a bipartisan letter from two lawmakers in August urging immediate action. The letter emphasized fears that Wi-Fi routers manufactured by TP-Link could be leveraged in cyberattacks targeting US infrastructure, businesses, and governments.According to the Wall Street Journal, subpoenas have already been issued by the Commerce Department as the Defense and Justice Departments pursue their own investigations.If evidence corroborates these concerns, the agencies may recommend prohibiting TP-Link’s routers in the US market.
Wider implications in the tech Cold War
The scrutiny of TP-Link comes amid a growing rift between the US and China over cybersecurity and technological dominance. While the US investigates allegations against Chinese companies like TP-Link, China has raised its own accusations.According to China’s National Computer Network Emergency Response Technical Team (CNCERT), two advanced tech firms in the country were targeted by cyberattacks in 2023, allegedly carried out by a US intelligence agency. The incidents, involving a materials research center and a leading tech company in intelligent energy, were described as attempts to steal trade secrets, Reuters reported.These mutual allegations highlight how cybersecurity is becoming a key battleground in the US-China tech rivalry. The TP-Link investigation reflects the Biden administration’s growing concern over the vulnerabilities of Chinese-manufactured technology, while Beijing’s claims point to its belief that industrial espionage flows both ways.The Biden administration’s stance builds on years of increasing action against Chinese tech firms, including Huawei and ZTE, as the US seeks to secure its technological ecosystem against foreign interference. Adding urgency, President-elect Donald Trump has signaled his intention to levy up to 60% tariffs on Chinese-made goods, reinforcing the trade and technology divide.Neither TP-Link nor the Department of Defense has responded to requests for comments.As the US tightens its cybersecurity defenses, TP-Link routers, ubiquitous in many American homes and businesses, have come under intense scrutiny. The proposed ban signals a significant shift in how the government approaches foreign-made technologies with security implications, underscoring the critical importance of robust defenses against cyber threats in an increasingly interconnected world.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3628483/us-eyes-ban-on-tp-link-routers-amid-cybersecurity-concerns.html
